CVE-2023-31347

Medium

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when…

AMD·NVD-CWE-noinfo·Published 2024-02-13

CVSS

4.9

EPSS

0.00

KEV

Exploits

Vendor statements (1)

amd.com

cve.orgen

219 chars

Due to a code bug in Secure_TSC, SEV firmware may allow an attacker with high privileges to cause a guest to observe an incorrect TSC when Secure TSC is enabled potentially resulting in a loss of guest integrity.

NVDes

256 chars

Debido a un error de código en Secure_TSC, el firmware SEV puede permitir que un atacante con altos privilegios haga que un invitado observe un TSC incorrecto cuando Secure TSC está habilitado, lo que podría provocar una pérdida de integridad del invitado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	4.9	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
3.1	Primary	NVD	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
3.1	Primary	cve.org	4.9	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
3.1	Secondary	NVD	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N